| From: | hubert depesz lubaczewski <depesz(at)depesz(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: partially effective revoke on pg_catalog |
| Date: | 2007-09-10 17:12:13 |
| Message-ID: | 20070910171213.GA17063@depesz.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Mon, Sep 10, 2007 at 11:17:21AM -0400, Tom Lane wrote:
> > ok, but i belive it should either dont allow admin to do so, or, if it
> > does allow, it should behave more consistently.
> There are few "training wheels" for superuser mode. Try something like
> "delete from pg_proc" if you are looking for ways to break your
> database.
i'm perfectly fine with "revoke from pg_catalog" not working/not
allowed, but dont you think that the outcome should be a bit more
consistent?
if it would "break the database" - i'm happy with it.
if it will reject hhe command as "it is not possible" - i'm happy with
it.
but now postgresql raports to user that revoke worked. and at first
sight it actually does seem like it.
but a second check showes that the revoke is not really 100% effective.
again - i'm in no position to ask to give the ability to revoke the
privileges. all i'm asking is to put some consistency - either break it,
or forbid. but dont say "revoked" when it's not really true.
depesz
--
quicksil1er: "postgres is excellent, but like any DB it requires a
highly paid DBA. here's my CV!" :)
http://www.depesz.com/ - blog dla ciebie (i moje CV)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jukka Holappa | 2007-09-11 09:28:19 | Re: BUG #3595: Segmentation fault with a simple select query |
| Previous Message | Tom Lane | 2007-09-10 15:17:21 | Re: partially effective revoke on pg_catalog |